Posted on October 16, 2018 at 2:23 PM
Importance of DNS in Protecting Your Business from DDoS Attacks
One of the crucial components of the modern Internet is the DNS (Domain Name System). In a way, the DNS serves as the Internet’s very own version of a phonebook.
Even though its role is so important, it is still one of the least appreciated aspects, especially when it comes to IT enterprises. This is likely due to the fact that not a lot of people understand how important it is for any online experience.
In truth, it is the first step when it comes to connecting to any online brand. By using it, the Internet translates domain names that humans can read to IP addresses, which are necessary for a browser to know where on the internet user wishes to go. It can be said that without DNS, internet users would not be able to have any sort of digital experience.
The importance of DNS
ISPs (Internet Service Providers) are the entities responsible for assigning DNS services. However, this also means that the provided DNS service may not be the best choice for certain technology firms. If the service is slow, tech companies are at risk of experiencing lags even before websites start to load.
Even so, this is likely the least of their problems, as the worst case scenario might even vent the Internet from functioning normally. If DNS doesn’t have a certain website as part of its records, that website cannot be reached by users. Additionally, there is also the fact that DNS query traffic may be vulnerable to hacking attacks if the ISP lacks proper encryption mechanisms.
Since not a lot of companies have faith in ISPs when it comes to providing DNS services, they often tend to offer to third parties. One such third party is Google itself, which offers its own DNS services. Companies usually tend to trust third parties more than their own ISPs, especially after incidents such as the one from two years ago.
At that time, large firms such as Twitter, Amazon, Netflix, and Comcast had their websites taken off the web as a result of a large DDoS attack.
Their DNS provider — Dyn — simply was not capable of fending off the attack. An entire network of computers got infected with malware that created a botnet, and Dyn got bombarded with information requests until it collapsed under them.
This has prevented users from all around the world from accessing websites that used Dyn as their DNS providers.
Can the incident happen again today?
While technology development has managed to deliver protection from a lot of threats that were once seen as devastating, an incident such as the one regarding Dyn is still possible today. In fact, DDoS attacks are something of a common occurrence these days, and a lot of large companies have been experiencing them almost regularly.
While most firms have learned how to defend themselves against smaller DDoS attacks, the largest ones are still a threat to everyone. One report, called 2018 ThousandEyes Global DNS Performance Report, claims that around 72% of FTSE’s 100 companies are at risk right now. Additionally, the report claims that around 68% of Fortune 500’s top 50 firms face this danger as well.
With results like that, it is clear that even the largest companies around the world still remain vulnerable to this day. This even includes 44% of SaaS providers. If these companies do not take the DDoS threat seriously and create a fallback DNS server, even a single attack could knock their business off the internet, provided it was large enough.
These days, as more and more business are relying on the internet for expanding their reach and increasing revenue, spreading DNS awareness is more crucial than ever.
How can companies protect themselves?
When it comes to DNS resiliency, the first thing that companies have to do is understand its importance. Just as IT firms would never create a data center without backup power, the same is true for DNS. It remains clear that firms do not understand this since most of them are still using a single DNS service.
If an attack disrupts this connection, the website will go down. Even so, IT practitioners still tend to pay little to no attention to DNS, which is a clear indication that they do not understand its importance. Instead, companies believe that they are protected if they have more than one nameserver when this is actually not the case.
Instead of relying on false hope, technology companies need to take control of DNS. This means actively choosing their DNS provider, and exploring different third parties that will provide them with the best service. This can easily lead to better speed, increased security, and numerous other benefits.